package com.alibaba.algo.filter;

import com.alibaba.algo.constants.Constants;
import com.alibaba.algo.cooperation.common.BaseResult;
import com.alibaba.algo.domain.dict.SysDictDomain;
import com.xxl.sso.core.util.ResponseUtils;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Locale;
import java.util.Map;

/**
 * @ClassName FeignAuthFilter
 * @Author heshuaijie
 * @Description //TODO
 * @Date 2022/1/3 16:32
 */
@Slf4j
@WebFilter(urlPatterns = "/feignApi/*", filterName = "FeignAuthFilter")
public class FeignAuthFilter implements Filter {

    @Value("${checkPermissionsEnable:false}")
    private boolean checkPermissionsEnable;
    @Value("#{${tenants:null}}")
    private Map<String, String> tenants;

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        Filter.super.init(filterConfig);
    }

    /**
     * 校验权限
     *
     * @return
     */
    private boolean checkPermissions(String ssoTenantCode, String ssoTenantAccessKey) {
        if (StringUtils.isEmpty(ssoTenantCode) ||
                StringUtils.isEmpty(ssoTenantAccessKey)) {
            log.info("ssoTenantCode or ssoTenantAccessKey is empty");
            return false;
        }
        if (null == tenants || tenants.isEmpty()) {
            log.info("WARNING: tenants not config");
            return false;
        }
        return ssoTenantAccessKey.equals(tenants.get(ssoTenantCode.toLowerCase(Locale.CHINA)));
    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        log.info("FeignAuthFilter.doFilter begin ");
        if (checkPermissionsEnable) {
            HttpServletRequest request = (HttpServletRequest) servletRequest;
            HttpServletResponse response = (HttpServletResponse) servletResponse;
            String ssoTenantCode = request.getHeader("ssoTenantCode");
            String ssoTenantAccessKey = request.getHeader("ssoTenantAccessKey");
            if (!checkPermissions(ssoTenantCode, ssoTenantAccessKey)) {
                ResponseUtils.writeResponse(response, BaseResult.buildError(Constants.NO_PERMISSIONS_CODE,
                        Constants.NO_PERMISSIONS_DESC));
                return;
            }
        } else {
            log.info("WARNING: checkPermissionsEnable is false ");
        }
        filterChain.doFilter(servletRequest, servletResponse);
        log.info("FeignAuthFilter.doFilter end ");
    }

    @Override
    public void destroy() {
        Filter.super.destroy();
    }
}
